Monday, February 10, 2014

The latest high profile cyber weapon to be discover - called The Mask (or Careto) - originated in a Spanish speaking company and has gone undetected since 2007 and infected victims in 31 different countries.

The latest cyber-espionage tool was revealed by Kaspersky Labs at its Security Analysts Summit taking place in the Dominican Republic this week.

Kaspersky says The Mask has been operating in 2007 and has affected 380 targets in 31 countries. Targets include government institutions, oil and gas companies and activists, with The Mask designed to steal documents, encryption keys and other sensitive files, as well as take full control of infected computers.

One of the most interesting aspects of The Mask is that it was created by Spanish-speaking software engineers, whereas previously high-profile malware has emerged from Russia, China, the US and Israel.

Kaspersky wouldn't reveal which country had created The Mask but said it had been most active in Morocco, followed by Brazil, the United Kingdom, France and Spain.

The Mask is the latest in a long line of what are all believed to be state-sponsored malware, which began with Stuxnet and was followed by Duqu, Flame, Gauss and last year the discovery of Red October.

The Mask was able to infect PCs running Windows and Mac OS X as well as Android smartphones and tablets as well as Apple's iPhones and iPads.

The malware had been operating since 2007 and spread using phishingemails. The emails contained links which looked to come from major news outlets such as The Guardian and The Washington Post, as well as looking like it was linking to YouTube.

The malware was in fact linking to websites which were infected and downloaded the malicious software to the victim's computer.

As of last month all of the command and control servers controlling The Mask were taken offline by the attackers. However Kaspersky hasn't ruled out the malware reappearing in the future.